[Git][security-tracker-team/security-tracker][master] Add two new CVEs for sslh

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d57f09d0 by Salvatore Bonaccorso at 2025-06-02T22:43:33+02:00
Add two new CVEs for sslh

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -72,9 +72,13 @@ CVE-2025-47289 (CE Phoenix is a free, open-source eCommerce platform. A stored c
 CVE-2025-47272 (The CE Phoenix eCommerce platform, starting in version 1.0.9.7 and pri ...)
 	NOT-FOR-US: CE Phoenix
 CVE-2025-46807 (A Allocation of Resources Without Limits or Throttling vulnerability i ...)
-	TODO: check
+	- sslh <unfixed>
+	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1243122
+	NOTE: Fixed by: https://github.com/yrutschle/sslh/commit/ff8206f7c8a47f901b78a1b78db5a4c788f6aa6f (v2.2.4)
 CVE-2025-46806 (A Use of Out-of-range Pointer Offset vulnerability in sslh leads to de ...)
-	TODO: check
+	- sslh <unfixed>
+	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1243120
+	NOTE: Fixed by: https://github.com/yrutschle/sslh/commit/204305a88fb32cffaf1349253a2b052186ca8d39 (v2.2.4)
 CVE-2025-45542 (SQL injection vulnerability in the registrationform endpoint of CloudC ...)
 	NOT-FOR-US: CloudClassroom-PHP-Project
 CVE-2025-45387 (osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d57f09d072bea2431c2fab954bc634190bfc9c3d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d57f09d072bea2431c2fab954bc634190bfc9c3d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250602/dd185b63/attachment.htm>